package com.cskaoyan.controller;

import com.cskaoyan.anno.MyLog;
import com.cskaoyan.bean.ActiveUser;
import com.cskaoyan.service.user.AuthService;
import com.cskaoyan.vo.BaseRespVo;
import com.cskaoyan.vo.system.AdminInfoVo;
import com.cskaoyan.vo.user.DashBoardVo;
import org.apache.shiro.session.Session;
import org.springframework.beans.factory.annotation.Autowired;
import com.cskaoyan.bo.user.UserLoginBo;
import com.cskaoyan.token.MallToken;
import com.cskaoyan.vo.temp.LoginDataVo;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;

import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.Serializable;
import java.util.ArrayList;

@RestController
public class AuthController {
    @Autowired
    AuthService authService;

    private ObjectMapper objectMapper = new ObjectMapper();

    // Result{"code":"", "data":"", "message":""}中为null的value不序列化
    {
        objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
    }


    // @RequestMapping("admin/auth/login")
    // public BaseRespVo login(@RequestBody UserLoginBo userLoginBo) {
    //     System.out.println(userLoginBo);
    //     return BaseRespVo.ok("53638abe-f92c-4245-84b3-3cdfcd6b3fd9");
    // }

    @MyLog
    @RequestMapping("admin/auth/login")
    public BaseRespVo AdminLogin(@RequestBody UserLoginBo userLoginBo) {
        // sb会自动帮助注入SecurityManager，所以这里不必再设置
        // SecurityUtils.setSecurityManager();
        MallToken adminToken = new MallToken(userLoginBo.getUsername(), userLoginBo.getPassword(), "admin");
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(adminToken);
        } catch (Exception e) {
            // 未认证成功则需要跳转到认证页面
            return BaseRespVo.error(605, "账号密码不正确");
        }
        // 把sessionID 交给前台维护
        Serializable id = subject.getSession().getId();
        subject.getSession().setAttribute("username", userLoginBo.getUsername());
        System.out.println("xinfenzhi");
        return BaseRespVo.ok(id);
    }

    @RequestMapping("admin/auth/info")
    public BaseRespVo info(String token) {
        Subject subject = SecurityUtils.getSubject();
        ActiveUser principal = (ActiveUser) subject.getPrincipal();
        String username = (String) subject.getSession().getAttribute("username");

        AdminInfoVo adminInfoVo = authService.getAdminInfo(username);
        // principal.setPerms(adminInfoVo.getPerms());

        return BaseRespVo.ok(adminInfoVo);
    }

    @RequestMapping("admin/dashboard")
    // @RequiresPermissions(value = {"admin:admin:list", "*"}, logical = Logical.OR)
    public BaseRespVo dashboard() {
        // DashBoardVo dashBoardVo = new DashBoardVo();
        DashBoardVo dashBoardVo = authService.dashBoard();
        return BaseRespVo.ok(dashBoardVo);
    }

    // 处理没有经过认证的请求
    @RequestMapping("/unAuthc")
    public BaseRespVo unAuthc() {

        return BaseRespVo.error(501, "请先登陆");
    }

    // 退出登陆要清除会话中的用户信息

    @MyLog
    @RequestMapping("admin/auth/logout")
    public BaseRespVo AdminLogout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return BaseRespVo.ok();
    }

}
